mirrors/sqlite
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix a potential NULL pointer dereference following OOM.

Browse Source 
FossilOrigin-Name: 8ce3cb90965771530c0021173d98720fc4c76bb99e69f7a879f80471dea0aace
This commit is contained in:
drh 2021-01-15 15:21:27 +00:00
parent 19ef211d85
commit 9d326d6793
3 changed files with 16 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
manifest
View File

@ -1,5 +1,5 @@
C Add\sa\snew\soptimizer\sdisabling\sbit\sto\sclose\soff\sthe\sexists-to-in\soptimization,\nfor\stesting\spurposes.
D 2021-01-15T15:17:14.152
C Fix\sa\spotential\sNULL\spointer\sdereference\sfollowing\sOOM.
D 2021-01-15T15:21:27.437
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724
@ -630,7 +630,7 @@ F src/walker.c d9c4e454ebb9499e908aa62d55b8994c375cf5355ac78f60d45af17f7890701c
F src/where.c 0e6abb22a2323fec80b450825593c26a2ad8f4815d1ee3af9969d8f6144bf681
F src/whereInt.h 9a3f577619f07700d16d89eeb2f3d94d6b7ed7f109c2dacf0ce8844921549506
F src/wherecode.c a3a1aff30fe99a818d8e7c607980f033f40c68d890e03ed25838b9dbb7908bee
F src/whereexpr.c 2d42217961cf8da8280779df88bcfb7cb3ee719369cafb44ac2b376fdecf9db7
F src/whereexpr.c 8ea4f6cd1332fdfbfbe832dc8a9f5194990684870931e7a07c2cafbc544588e7
F src/window.c edd6f5e25a1e8f2b6f5305b7f5f7da7bb35f07f0d432b255b1d4c2fcab4205aa
F test/8_3_names.test ebbb5cd36741350040fd28b432ceadf495be25b2
F test/affinity2.test ce1aafc86e110685b324e9a763eab4f2a73f737842ec3b687bd965867de90627
@ -1896,7 +1896,7 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93
F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc
F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e
F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0
P dcb7772d7695ddbc0fe89e06c07ff4a6ae4fa05de914e2ec10b5cc07a62ed49f
R 6fb63e2f60db07c2af9d4dfa7cc52f88
P a80c9a076d31729282004ca372913c9fdbfb6e74711fbb8c5dc12ee0ecba2b87
R 31b39e7a643244cb65bba0cd39985e5a
U drh
Z 5ba57a27c0ec24c2bc90f07584644072
Z 96ac907b935dc11fb79e0a38f40aef27

2
manifest.uuid
View File

@ -1 +1 @@
a80c9a076d31729282004ca372913c9fdbfb6e74711fbb8c5dc12ee0ecba2b87
8ce3cb90965771530c0021173d98720fc4c76bb99e69f7a879f80471dea0aace

14
src/whereexpr.c
View File

@ -1153,6 +1153,7 @@ static void exprAnalyzeExists(
Expr *pInLhs = 0;
Expr **ppAnd = 0;
int idxNew;
sqlite3 *db = pParse->db;
assert( pExpr->op==TK_EXISTS );
assert( (pExpr->flags & EP_VarSelect) && (pExpr->flags & EP_xIsSelect) );
@ -1162,10 +1163,13 @@ static void exprAnalyzeExists(
if( pSel->pWhere==0 ) return;
if( 0==exprAnalyzeExistsFindEq(pSel, 0, 0) ) return;
pDup = sqlite3ExprDup(pParse->db, pExpr, 0);
if( pDup==0 ) return;
pDup = sqlite3ExprDup(db, pExpr, 0);
if( db->mallocFailed ){
sqlite3ExprDelete(db, pDup);
return;
}
pSel = pDup->x.pSelect;
sqlite3ExprListDelete(pParse->db, pSel->pEList);
sqlite3ExprListDelete(db, pSel->pEList);
pSel->pEList = 0;
pInLhs = exprAnalyzeExistsFindEq(pSel, &pEq, &ppAnd);
@ -1184,13 +1188,13 @@ static void exprAnalyzeExists(
Expr *pAnd = *ppAnd;
Expr *pOther = (pAnd->pLeft==pEq) ? pAnd->pRight : pAnd->pLeft;
pAnd->pLeft = pAnd->pRight = 0;
sqlite3ExprDelete(pParse->db, pAnd);
sqlite3ExprDelete(db, pAnd);
*ppAnd = pOther;
}else{
assert( pSel->pWhere==pEq );
pSel->pWhere = 0;
}
sqlite3ExprDelete(pParse->db, pEq);
sqlite3ExprDelete(db, pEq);
idxNew = whereClauseInsert(pWC, pDup, TERM_VIRTUAL|TERM_DYNAMIC);
if( idxNew ){